slash-command-factory
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely through local string manipulation and file validation. It does not perform any network operations, external downloads, or data exfiltration.
- [SAFE]: The code enforces security-conscious patterns for the generated output, specifically prohibiting blanket Bash permissions and requiring subcommand-level specificity (e.g., 'Bash(git add:*)' instead of 'Bash').
- [SAFE]: No obfuscation, prompt injection, or suspicious persistence mechanisms were found in the skill metadata, Python scripts, or command presets.
- [SAFE]: The skill uses only standard Python libraries (os, re, json) and does not contain any executable commands or remote code execution vectors.
Audit Metadata